Skip to content
cyberexploits
webappphptext

ZeroCMS 1.0 - Persistent Cross-Site Scripting

ZeroCMS 1.0 - Persistent Cross-Site Scripting

Publié le 2014-07-27

Code source

Épinglé au commit 7eac4c3a2ce5
textplatforms/php/webapps/34170.txt7eac4c3a
raw
######################

# Exploit Title: Persistent ZeroCMS Cross-Site Scripting Vulnerability



# Discovered by: Mayuresh Dani



# Vendor Homepage: http://www.aas9.in/zerocms/



# Software Link: https://github.com/pcx1256/zerocms/archive/master.zip



# Version: 1.0?



# Date: 2014-07-25



# Tested on: Windows 7 / Mozilla Firefox

              Ubuntu 14.04 / Mozilla Firefox



# CVE: CVE-2014-4710



######################



# Vulnerability Disclosure Timeline:



2014-06-15:  Discovered vulnerability

2014-06-23:  Vendor Notification (Support e-mail address)

2014-07-25:  Public Disclosure



# Description



ZeroCMS is a very simple Content Management System Built using PHP and

MySQL.



The application does not validate any input to the "Full Name", "Email

Address", "Password" or "Confirm Password" functionality. It saves this

unsanitized input in the backend databased and executes it when visiting

the subsequent or any logged-in pages.



######################



# Steps to reproduce the vulnerability



1) Visit the "Create Account" page (eg.

http://localhost/zerocms/zero_transact_user.php)



2) Enter your favourite XSS payload and click on "Create Account"



3) Enjoy!



More information:

https://community.qualys.com/blogs/securitylabs/2014/07/24/yet-another-zerocms-cross-site-scripting-vulnerability-cve-2014-4710



#####################



Thanks,

Mayuresh.

Voir sur GitHub